Hi, I’m BobH, Finance Associate.

figures/intro.png

Violated the Office Policy

  • By falsifying and manipulating official records.
figures/sabotage.png

Caught by the Administration…

figures/got-fired.png

Got Fired from his Job..

figures/always.png

sabotage Plan.

figures/sabotage.png

Installing a WiFi AP near the office…

  • That has same SSID and Credentials as office device.
figures/Rogue-ap-install.png

If anyone Connect, I got Access..

figures/control.png

Accessing Entire Network.

  • Even can control entire network.
figures/entire-network.png

Disclaimer

  • Educational Purpose only.
  • Please don’t use it anywhere.

Rogue AP attack

  • Falls under Social Engineering.
  • Actions may involve planting unauthorized device inside the secured network.
  • Devices such as switches, Routers, WiFi AP.
figures/rogue-ap.jpg

  • Like, BobH did anyone can do this attack with ease.
  • The device, He installed is called Rouge AP.
  • It is rarely Noticable. So, Normal people can’t realize even if they used for this attack.
  • In addition to that, Ther are many tools available for free.
  • Also, Some deploy ready equipments available online such as WiFi Pineapple

Tools

  • Evil-Twin Framework for RED TEAM
    • OpenSource
    • Written in python.
    • Used for WiFi Pentesting.
    • Able to to Packet sniffing (scapy), Packet injection, and Twin AP creation.
figures/EvilTwinFramework.jpg
  • It is so popular, that Rogue AP attack often refered as Evil-Twin Attack.

Precaution & Safety

  • Follow regular Security update.
  • Say “no” to public Wi-Fi.
  • Encourage use of properly installed, configured and secured wireless LANs only.
  • Good think is some new device can tell apart Evil-Twins.

Prevention Tools

  • Snort 3 for BLUE TEAM.
    • Opensource Intrution Prevention Software.
    • uses a series of rules that help define malicious network activity and Stop those packets.
    • Capable of real-time traffic analysis and packet logging.
figures/snort.jpg

Thank you